do son 
The Russian vulnerability broker, Operation Zero, is a company specializing in the acquisition and sale of security vulnerabilities—whether software or hardware—as long as they possess significant exploitation value.
Previously, the company offered up to $20 million for vulnerabilities capable of granting full control over iOS and Android devices. However, the price for such exploits has since declined to $2.5 million.
Recently, Operation Zero released multiple bounty tiers for security vulnerabilities targeting the instant messaging platform Telegram. The offered prices vary depending on the number of user interactions required to trigger the vulnerability, ranging from $500,000 to $4 million.
For instance, a remote code execution (RCE) vulnerability requiring one user interaction—such as a single click—fetches a bounty of $500,000. A zero-click RCE vulnerability, requiring no user interaction, is valued at $1.5 million. A complete exploit chain capable of compromising the entire system may command up to $4 million.
Typically, a full exploit chain refers to a series of vulnerabilities that, when combined, grant attackers full access to the target device. In this case, it implies control over Telegram and potentially the entire operating system.
It is worth noting that vulnerability brokers occasionally stockpile vulnerabilities. However, more often than not, bounties are issued after a client submits a deposit for a specific need. Therefore, this latest bounty from Operation Zero likely reflects an active customer demand rather than mere speculation.
As for why these vulnerabilities are sought, the answer is straightforward—certain organizations acquire them for cyber operations. With Telegram now boasting over a billion users, the discovery of a zero-click vulnerability would enable targeted attacks on individuals or entire user groups through the platform.
The high prices offered clearly indicate the immense value of the attackers’ intended targets, justifying the multimillion-dollar investment in acquiring such exploits.
